Squid 2.4 Stable1
Configuration Manual
 

 
Previous
Table of Contents
Next

DELAYPOOL PARAMETERS


Tag Name

delay_pools

Usage

delay_pools numbers

Description

This represents the number of delay pools to be used. For example, if you have one class 2 delay pool and one class 3 delay pool, you have a total of 2 delay pools. Delay pools allow you to limit traffic for clients or client groups, with various features. Objects retrieved from the cache will not be delayed. Only the object from the server will be delayed. This option is only available if Squid is rebuiltwith the --enable-delaypools option

Default

delay_pools 0

Example

delay_pools 2

Caution

To enable this option, you must use --enable-delay-pools with the # configure script.


Tag Name

delay_class

Usage

delay_class number (delay-pool number), number (delay class)

Description

This defines the class of each delay pool. There must be exactly one delay_class line for each delay pool. For example, to define two delay pools; one of class 2 and one of class 3, the settings will be like as given in the example. For details on the delay pool classes see Glossary. This option is only available if Squid is rebuilt with the --enable-delaypools option

Default

none

Example

delay_pools 2 # 2 delay pools
delay_class 1 2 # pool 1 is a class 2 pool
delay_class 2 3 # pool 2 is a class 3 pool

Caution

-


Tag Name

delay_access

Usage

delay_access allow acl name|deny acl name

Description

This is used to determine which delay pool a request falls into. The first matched delay pool is always used, i.e., if a request falls into delay pool number one, no more delay are checked, otherwise the rest are checked in order of their delay pool number until they have all been checked. For example, if you want some_big_clients in delay pool 1 and lotsa_little_clients in delay pool 2 then look atthe example below. This option is only available if Squid is rebuiltwith the --enable-delaypools option

Default

none

Example

delay_access 1 allow some_big_clients
delay_access 1 deny all
delay_access 2 allow lotsa_little_clients
delay_access 2 deny all

Caution

-


Tag Name

delay_parameters

Usage

delay_parameters pool aggregate (for delay_class 1 networks)
delay_parameters pool aggregate individual (for delay_class 2 networks)
delay_parameters pool aggregate network individual (for delay_class 3 networks)

Description

This defines the parameters for a delay pool. Each delay pool has number of "buckets" associated with it, as explained in the description of delay_class. For a class 1,2 and 3 delay pool, the syntax is given in the usage. For Glossary of term related to delay_pool see Glossary . This option is only available if Squid is rebuilt with the --enable-delaypools option

Default

none

Example1


acl tech src 192.168.0.1/32-192.168.0.20/32
acl no_hotmail url_regex -i hotmail
acl all 0.0.0.0/0

delay_pools 1 #Number of delay_pool 1
delay_class 1 1 #pool 1 is a delay_class 1
delay_parameters 1 100/100
delay_access 1 allow no_hotmail !tech

In the above example hotmail users are limited to the speed of specified in the delay_class. IP’s in the ACL tech are allowed in the normal bandwidth. You can see the usage of bandwidth through cachemgr.cgi.

Example2


acl all src 0.0.0.0/0.0.0.0 # might already be defined

delay_pools 1
delay_class 1 1
delay_access 1 allow all
delay_parameters 1 64000/64000 # 512 kbits == 64 kbytes per second

The above example tells that the squid is limited to the bandwidth of 512k.For ACL you can go Here .


Caution

-


Tag Name

delay_initial_bucket_level

Usage

delay_initial_bucket_level bytes

Description

The initial bucket percentage is used to determine how much is put in each bucket when squid starts, is reconfigured, or firstnotices a host accessing it (in class 2 and class 3, individual hostsand networks only have buckets associated with them once they havebeen "seen" by squid). This option is only available if Squid is rebuiltwith the --enable-delaypools option.

Default

delay_initial_bucket_level 50(bytes)

Example

-

Caution

-


Tag Name


incoming_icp_average
incoming_http_average
incoming_dns_average
min_icp_poll_cnt

min_dns_poll_cnt
min_http_poll_cnt


Usage

TagName Number

Description

This describes the algorithms used for the above tags.

INCOMING sockets are the ICP and HTTP ports. We need to check these fairly regularly, but how often? When the load increases, we want to check the incoming sockets more often. If we have a lot of incoming ICP, then we need to check these sockets more than if we just haveHTTP. The variables 'incoming_icp_interval' and 'incoming_http_interval'determine how many normal I/O events to process before checking incomingsockets again. Note we store the incoming_interval multiplied by afactor of (2^INCOMING_FACTOR) to have some pseudo-floating point precision.

The variable 'icp_io_events' and 'http_io_events' counts how many normal I/O events have been processed since the last check on the incoming sockets. When io_events > incoming_interval, its time to check incoming sockets.

Every time we check incoming sockets, we count how many new messages or connections were processed. This is used to adjust the incoming_interval for the next iteration. The new incoming_interval is calculated asthe current incoming_interval plus what we would like to see as anaverage number of events minus the number of events just processed.

incoming_interval = incoming_interval + target_average - number_of_events_processed

There are separate incoming_interval counters for both HTTP and ICP events. You can see the current values of the incoming_interval, as well as a histogram of 'incoming_events' by asking the cache manager for 'comm_incoming', e.g.:

% ./client mgr:comm_incoming


Default

incoming_icp_average 6
incoming_http_average 4
incoming_dns_average 4

min_icp_poll_cnt 8
min_dns_poll_cnt 8

min_http_poll_cnt 8


Example

-

Caution

-We have MAX_INCOMING_INTEGER as a magic upper limit on incoming_interval for both types of sockets. At the largest value the cache will effectively be idling.
-The higher the INCOMING_FACTOR, the slower the algorithm will respond to load spikes/increases/decreases in demand. A value between 3 and 8 is recommended


Tag Name

max_open_disk_fds

Usage

max_open_disk_fds number

Description

This specifies the maximum file descriptor squid can use to open files. To avoid having disk as the I/O bottleneck Squid can optionally bypass the on-disk cache if more than this amount of disk file descriptors are open.

A value of 0 indicates no limit

Default

max_open_disk_fds 0

Example

-

Caution

-


Tag Name

offline_mode

Usage

offline_mode on|off

Description

Enable this option and Squid will never try to validatecached objects.

Default

offline_mode off

Example

-

Caution

-


Tag Name

uri_whitespace

Usage

uri_whitespace options

Description

The action to be done on the requests that have whitespace characters in the URI is decided with this tag.
Available options:

strip:
The whitespace characters are stripped out of the URL. This is thebehavior recommended by RFC2616.
deny:
The request is denied. The user receives an "Invalid Request" message.
allow:
The request is allowed and the URI is not changed. The whitespace characters remain in the URI. Note the whitespace is passed to redirector processes if they are in use.
Encode:
The request is allowed and the whitespace characters are encoded according to RFC1738. This could be considered a violation of the HTTP/1.1 RFC because proxies are not allowed to rewrite URI's.
chop:
The request is allowed and the URI is chopped at the first whitespace. This might also be considered a violation

Default

uri_whitespace strip

Example

uri_whitespace chop

Caution

-


Tag Name

broken_posts

Usage

broken_posts allow|deny acl name

Description

A list of ACL elements which, if matched, causes Squid to send a extra CRLF pair after the body of a PUT/POST request. Some HTTP servers have broken implementations of PUT/POST, and rely on an extra CRLF pair sent by some WWW clients

Default

none

Example

acl buggy_server url_regex ^http://....
broken_posts allow buggy_server

Caution

-


Tag Name

mcast_miss_addr

Usage

mcast_miss_addr enable|disable

Description

If you enable this option, every "cache miss" URL will be sent out on the specified multicast address. This option is only available if Squid is rebuilt with the -DMULTICAST_MISS_STREAM option

Default

mcast_miss_addr 255.255.255.255

Caution

This option should be enabled only after a careful understanding. See multicast


Tag Name

mcast_miss_ttl

Usage

mcast_miss_ttl time-units

Description

This is the time-to-live value for packets multicasted when multicasting off cache miss URLs is enabled. This option is only available if Squid is rebuilt with the -DMULTICAST_MISS_TTL option

Default

mcast_miss_ttl 16

Example

-

Caution

-


Tag Name

mcast_miss_port

Usage

mcast_miss_port port no

Description

This is the port number to be used in conjunction with 'mcast_miss_addr'. This option is only available if Squid is rebuilt with the -DMULTICAST_MISS_TTL option

Default

mcast_miss_port 3135

Example

-

Caution

This tag is used only when u enable mcast_miss_addr


Tag Name

mcast_miss_encode_key

Usage

mcast_miss_encode_key enable|disable

Description

The URLs that are sent in the multicast miss stream areencrypted. This is the encryption key. This option is only availableif Squid is rebuilt with the -DMULTICAST_MISS_STREAM option

Default

mcast_miss_encode_key XXXXXXXXXXXXXXX

Example

-

Caution

-


Tag Name

nonhierarchical_direct

Usage

nonhierarchical_direct on|off

Description

By default, Squid will send any non-hierarchical requests (matching hierarchy_stoplist or not cacheable request type) directto origin servers. If you set this to off, then Squid will prefer tosend these requests to parents. Note that in most configurations, byturning this off you will only add latency to this request withoutany improvement in global hit ratio. If you are inside a firewall thensee never_direct insteadof this directive

Default

nonhierarchical_direct on

Example

-

Caution

-


Tag Name

prefer_direct

Usage

prefer_direct on|off

Description


Normally Squid tries to use parents for most requests. If you by some reason like it to first try going direct and onlyuse a parent if going direct fails then set this to off.

By combining nonhierarchical_direct off and prefer_direct on youcan set up Squid to use a parent as a backup path if going directfails.


Default


prefer_direct off


Example

-

Caution

-


Tag Name

strip_query_terms

Usage

strip_query_terms on|off

Description


By default, Squid strips query terms from requested URLs before logging. This protects your user's privacy


Default


strip_query_terms on


Example

-

Caution

-


Tag Name

coredump_dir

Usage

coredump_dir directory

Description


By default Squid leaves core files in the first cache_dir directory. If you set 'coredump_dir' to a directory that exists,Squid will chdir() to that directory at startup and coredump fileswill be left there


Default


-


Example

coredump_dir /usr/local

Caution

-


Tag Name

redirector_bypass

Usage

redirector_bypass on|off

Description


When this is 'on', a request will not go through the redirector if all redirectors are busy. If this is 'off' and the redirectorqueue grows too large, Squid will exit with a FATAL error and askyou to increase the number of redirectors. You should only enablethis if the redirectors are not critical to your caching system.If you use redirectors for access control, and you enable this option,then users may have access to pages that they should not be allowedto request


Default


redirector_bypass off


Example

-

Caution

-


Tag Name

ignore_unknown_nameservers

Usage

ignore_unknown_nameservers on|off

Description


By default Squid checks that DNS responses are received from the same IP addresses that they are sent to. If they don't match, Squid ignores the response and writes a warning message to cache.log. You can allow responses from unknown nameservers by setting thisoption to 'off'


Default


ignore_unknown_nameservers on


Example

-

Caution

-


Tag Name

digest_generation

Usage

digest_generation on|off

Description


This controls whether the server will generate a Cache Digest of its contents. By default, Cache Digest generation is enabled if Squid is compiled with USE_CACHE_DIGESTS defined. This optionis only available if Squid is rebuilt with the --enable-cache-digests option


Default


digest_generation on


Example

-

Caution

-


Tag Name

digest_bits_per_entry

Usage

digest_bits_per_entry number

Description


This is the number of bits of the server's Cache Digest, which will be associated with the Digest entry for a given HTTP Method and URL (public key) combination. The default is 5. This option is only available if Squid is rebuilt with the --enable-cache-digests option


Default


digest_bits_per_entry 5


Example

-

Caution

-


Tag Name

digest_rebuild_period

Usage

digest_rebuild_period time-units

Description


This is the number of seconds between Cache Digest rebuilds. By default the server's Digest is rebuilt every hour. This option is only available if Squid is rebuilt with the --enable-cache-digests option


Default


digest_rebuild_period 1 hour


Example

-

Caution

-


Tag Name

digest_rewrite_period

Usage

digest_rewrite_period time-units

Description


This is the number of seconds between Cache Digest writes to disk. By default the server's Digest is written to disk everyhour. This option is only available if Squid is rebuilt with the--enable-cache-digests option


Default


digest_rewrite_period 1 hour


Example

-

Caution

-


Tag Name

digest_swapout_chunk_size

Usage

digest_swapout_chunk_size bytes

Description


This is the number of bytes of the Cache Digest to write to disk at a time. It defaults to 4096 bytes (4KB), the Squid default swap page. This option is only available if Squid is rebuilt with the --enable-cache-digests option


Default


digest_swapout_chunk_size 4096 bytes


Example

-

Caution

-


Tag Name

digest_rebuild_chunk_percentage

Usage

digest_rebuild_chunk_percentage %(0 to 100)

Description


This is the percentage of the Cache Digest to be scanned at a time. By default it is set to 10% of the Cache Digest. Thisoption is only available if Squid is rebuilt with the --enable-cache-digests option


Default


digest_rebuild_chunk_percentage 10


Example

-

Caution

-


Tag Name

chroot

Usage

chroot enable|disable

Description


Use this to have Squid do a chroot() while initializing. This also causes Squid to fully drop root privileges after initializing. This means, for example, that if you use a HTTP port less than 1024 and try to reconfigure, you will get an error


Default


none


Example

-

Caution

-


Tag Name

client_persistent_connections

Usage

client_persistent_connections on|off

Description

Persistent connection support for clients and servers. By default, Squid uses persistent connections (when allowed) with its clients and servers. You can use these options to disable persistent connections with clientsand/or server.

Related information :
If the browser is talking to web server directly, socket can be closed after it is done using keep-alive directive in apache configuration file. The same thing can be done in Squid using these directives client_persistent_connections and server_persistent_connections.


Default


client_persistent_connections on


Example

-

Caution

-


Tag Name

server_persistent_connections

Usage

server_persistent_connections on|off

Description


Persistent connection support for clients and servers. By default, Squid uses persistent connections (when allowed) with its clients and servers. You can use these options to disable persistent connections with clients and/or servers


Default


server_persistent_connections on


Example

-

Caution

-


Tag Name

pipeline_prefetch

Usage

pipeline_prefetch on|off

Description


To boost the performance of pipelined requests to closer match that of a non-proxied environment Squid tries to fetch up to two requests in parallell from a pipeline.


Default


pipeline_prefetch on


Example

-

Caution

-


Tag Name

extension_methods

Usage

extension_methods requestmethod

Description


Squid only knows about standardized HTTP request methods. You can add up to 20 additional "extension" methods here


Default


none


Example

-

Caution

-


Tag Name

high_response_time_warning

Usage

high_response_time_warning msec

Description


If the one-minute median response time exceeds this value,Squid prints a WARNING with debug level 0 to get the administrators attention. The value is in milliseconds


Default


high_response_time_warning 0


Example

-

Caution

-


Tag Name

high_page_fault_warning

Usage

high_page_fault_warning time-units

Description


If the one-minute average page fault rate exceeds this value, Squid prints a WARNING with debug level 0 to get the administrators attention. The value is in page faults per second


Default


high_page_fault_warning 0


Example

-

Caution

-


Tag Name

high_memory_warning

Usage

high_memory_warning number

Description


If the memory usage (as determined by mallinfo) exceeds value, Squid prints a WARNING with debug level 0 to get the administrators attention


Default


high_memory_warning 0


Example

-

Caution

-


Tag Name

store_dir_select_algorithm

Usage

store_dir_select_algorithm algorithm type

Description


Set this to 'round-robin' as an alternative


Default


store_dir_select_algorithm least_load


Example

-

Caution

-


Tag Name

ie_refresh

Usage

ie_refresh on|off

Description


Microsoft Internet Explorer up until version 5.5 Service Pack 1 has an issue with transparent proxies, wherein it is impossible to force a refresh. Turning this on provides a partial fix to the problem, by causing all IMS-REFRESH requests from older IE versions to check the origin server for fresh content. This reduces hit ratio by some amount (~10% in my experience), but allows users to actually get fresh content when they want it. Note that because Squid cannot tell if the user is using 5.5 or 5.5SP1, the behavior of 5.5 is unchanged from old versions of Squid (i.e. a forced refresh is impossible).Newer versions of IE will, hopefully, continue to have the new behavior and will be handled based on that assumption. This option defaults to the old Squid behavior, which is better for hit ratios but worse for clients using IE, if they need to be able to force fresh content


Default


ie_refresh off


Example

-

Caution

-